
723 matches found

Positive Technologies
•added 2025/12/06 12:0 a.m.•2 views

PT-2025-49366

Name of the Vulnerable Software and Affected Versions: UTT 进取 520W version 1.7.7-180627. Description: A flaw exists in the strcpy function within the /goform/formArpBindConfig file. Manipulation of the pools argument can lead to a buffer overflow, potentially allowing for remote attacks. The exploit...

CVSS 9.8 | AI score 8.8 | EPSS 0.0053
Exploits: 1 | References: 12
IBM Security Bulletins
•added 2025/11/18 5:10 p.m.•7 views

Security Bulletin: In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.

Summary: In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. Vulnerability Details: CVEID: CVE-2024-28219 DESCRIPTION: In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. CWE: CWE-680:...

CVSS 6.7 | AI score 7.3 | EPSS 0.00354
Exploits: 0 | Affected Software: 1
RedhatCVE
•added 2025/11/14 12:1 a.m.•3 views

CVE-2025-60699

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592B20191022ALL within the global.so binary. The getSaveConfig function retrieves the httphost parameter from user input via websGetVar and copies it into a fixed-size stack buffer v13 using strcpy without...

CVSS 6.5 | AI score 8 | EPSS 0.01739
Exploits: 1 | References: 1
EUVD
•added 2025/11/13 6:31 p.m.•3 views

EUVD-2025-175304

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary setDefResponse function. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack...

CVSS 6.5 | AI score 7.7 | EPSS 0.00322
Exploits: 1 | References: 4
NVD
•added 2025/11/13 5:15 p.m.•2 views

CVE-2025-60695

A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...

CVSS 5.9 | EPSS 0.00025
Exploits: 1 | References: 3
Vulnrichment
•added 2025/11/13 12:0 a.m.•1 views

CVE-2025-60695

A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...

AI score 7.5 | EPSS 0.00025
Exploits: 1 | References: 3
Hacker One
•added 2025/11/10 1:36 p.m.•18 views

curl: Unsafe use of strcpy in Curl_ldap_err2string (packages/OS400/os400sys.c) — stack-buffer-overflow (PoC + ASan)

I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug...

AI score 8.3
Exploits: 0
Veracode
•added 2025/11/10 9:56 a.m.•5 views

Buffer Overflow

libcsp.so is vulnerable to Buffer Overflow. The vulnerability is due to improper handling of the ifname parameter in the cspethinit function, where strcpy is used without validating input length, which allows an attacker to overflow the buffer and potentially execute arbitrary code...

CVSS 6.5 | AI score 7.6 | EPSS 0.00196
Exploits: 0 | References: 4 | Affected Software: 1
Hacker One
•added 2025/10/22 9:13 p.m.•10 views

curl: Use of Deprecated strcpy() with Fixed-Size Buffers in Progress Time Formatting

Step 2: Locate Vulnerable Code in Progress.c Find exact strcpy usage in toolprogress.c grep -n "strcpy" ./src/toolprogress.c OUTPUT: 94: strcpy(r, "--:--:--"); Step 3: Analyze the Vulnerable Function View complete time2str function sed -n '/^static void time2str/,/^/p' ./src/toolprogress.c Vulnerab...

AI score 7.7
Exploits: 0
Hacker One
•added 2025/10/21 7:39 a.m.•12 views

curl: Buffer Overflow in WebSocket Handshake (lib/ws.c:1287)

Summary: Buffer overflow vulnerability in curl's WebSocket implementation due to unsafe use of strcpy in the handshake process. The vulnerability is located at lib/ws.c:1287 where strcpy(keyval, randstr) is called without proper bounds checking, despite having a bounds check earlier in the code. AI...

AI score 7.5
Exploits: 0
RedhatCVE
•added 2025/10/14 12:39 a.m.•9 views

CVE-2025-11653

A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilize...

CVSS 9 | AI score 6.9 | EPSS 0.00272
Exploits: 1 | References: 1
EUVD
•added 2025/10/13 3:30 a.m.•2 views

EUVD-2025-33917

A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilize...

CVSS 9 | AI score 6.6 | EPSS 0.00272
Exploits: 1 | References: 5
OSV
•added 2025/10/13 1:15 a.m.•1 views

CVE-2025-11653

A vulnerability was determined in UTT HiPER 2620G up to 3.1.4. Impacted is the function strcpy of the file /goform/fNTP. This manipulation of the argument NTPServerIP causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilize...

CVSS 8.7 | AI score 6.1
Exploits: 0 | References: 4
Positive Technologies
•added 2025/10/13 12:0 a.m.•3 views

PT-2025-41741

Name of the Vulnerable Software and Affected Versions: UTT HiPER 2620G versions through 3.1.4. Description: A flaw exists in UTT HiPER 2620G up to version 3.1.4. The strcpy function within the /goform/fNTP file is susceptible to a buffer overflow when the NTPServerIP argument is manipulated. This...

CVSS 9 | AI score 8 | EPSS 0.00272
Exploits: 1 | References: 12
CNNVD
•added 2025/10/13 12:0 a.m.•1 views

UTT HiPER 2620G Security Vulnerability

The UTT HiPER 2620G is an enterprise router from China Aitai UTT. A security vulnerability exists in UTT HiPER 2620G 3.1.4 and earlier versions, which originates from a misbehavior of the function strcpy in the file /goform/fNTP with respect to the parameter NTPServerIP, which may result in a...

CVSS 9 | AI score 8.9 | EPSS 0.00272
Exploits: 1 | References: 5
NVD
•added 2025/10/07 7:15 a.m.•3 views

CVE-2025-11355

A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9 | EPSS 0.0035
Exploits: 1 | References: 5
OSV
•added 2025/10/07 7:15 a.m.•1 views

CVE-2025-11355

A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVSS 8.7 | AI score 6.1
Exploits: 0 | References: 5
Cvelist
•added 2025/10/07 6:32 a.m.•5 views

CVE-2025-11355 UTT 1250GW aspChangeChannel strcpy buffer overflow

A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVSS 9 | EPSS 0.0035
Exploits: 1 | References: 5
EUVD
•added 2025/10/07 12:30 a.m.•7 views

EUVD-2011-5256

Malware in sbrugna...

CVSS 8.4 | AI score 6.4 | EPSS 0.09703
Exploits: 0 | References: 8
EUVD
•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-28813

Malware in sbrugna...

CVSS 8.8 | AI score 8.7 | EPSS 0.01504
Exploits: 0 | References: 2